WEBVTT
NOTE recognizability 0.909
00:00:11.620 --> 00:00:12.080
Hello,
00:00:12.080 --> 00:00:16.940
I'm Robert Ford, Senior Director in IT Showcase and I'm here today talking to Bret Arsenault
00:00:16.940 --> 00:00:21.650
our Corporate Vice President and Chief Information Security Officer from Microsoft.
00:00:21.650 --> 00:00:26.430
Now today we're talking about how Microsoft approaches security. Mainly how we ensure our
00:00:26.430 --> 00:00:29.460
customers' data is secure and how we approach securing
00:00:29.460 --> 00:00:33.040
the enterprise. Now while this is a huge topic we're going to give you a
00:00:33.040 --> 00:00:36.580
taste of considerations the Core Services Engineering team
00:00:36.580 --> 00:00:41.940
(formerly Microsoft IT) takes to secure our enterprise. For more information please check our web
00:00:41.940 --> 00:00:46.630
site at microsoft.com/itshowcase, but let's get into it. So
00:00:46.630 --> 00:00:51.150
Bret, welcome (thanks Robert), first question - Bret as a top software and service
00:00:51.150 --> 00:00:54.190
provider what is Microsoft's overall approach to security?
00:00:55.300 --> 00:01:01.310
And, it's a good question - most people don't think of as a security vendor like your classic security companies but
00:01:01.310 --> 00:01:06.060
we take the approach years ago - really a three-pronged approach that we would take security and we
00:01:06.060 --> 00:01:10.020
would be really bake it into the platform so you think of it in three steps we have a platform
00:01:10.020 --> 00:01:13.780
we have intelligence and we have partners and so we bake security into the platform
00:01:13.780 --> 00:01:16.690
whether it's Office or Azure Cloud Services or even on-prem services
00:01:16.690 --> 00:01:21.670
and it's just baked into what we do. And then we really try to leverage
00:01:21.670 --> 00:01:25.180
the intelligence of the system that we have today so a lot of people talk
00:01:25.180 --> 00:01:30.860
about the telemetry they can get a lot of people talk about speeds and feeds. Actually interestingly
00:01:30.860 --> 00:01:35.340
intelligence is more about the diversity of the data so we get data from endpoints
00:01:35.340 --> 00:01:40.150
from network, from cloud scale services from industry services across our cloud
00:01:40.150 --> 00:01:43.350
practice that really allow us to take that intelligence and
00:01:43.350 --> 00:01:48.560
make actionable - make it actual and how we respond, recover and build into our products
00:01:48.560 --> 00:01:51.280
so it's a virtuous cycle. And then lastly
00:01:51.280 --> 00:01:56.040
the partner ecosystem plays a huge part for us both in terms of working with either government
00:01:56.040 --> 00:02:01.420
agencies around the world or working with ISVs or IHVs - the software vendors
00:02:01.420 --> 00:02:06.390
or hardware vendors to actually produce solutions - we don't produce every security piece and we expect to
00:02:06.390 --> 00:02:10.570
work with our partners so that we can integrate with customer solutions or
00:02:10.570 --> 00:02:15.590
add capabilities that we don't have so between the platform, the intelligence and the partners we think
00:02:15.590 --> 00:02:19.000
that provides a holistic view of how to think about security for any enterprise.
00:02:20.030 --> 00:02:24.230
Cool, so more precisely, how is your team securing the Microsoft,
00:02:24.230 --> 00:02:30.030
Microsoft enterprise? How do you think about it? Yeah, that's an interesting scenario.
00:02:30.030 --> 00:02:34.350
On the one sense though I'm protecting our company just like any other person or entity
00:02:34.350 --> 00:02:37.810
or CSO in the industry, but then of course we have these massive services
00:02:37.810 --> 00:02:42.390
we run at the same time so really one of the things we've really learned
00:02:42.390 --> 00:02:45.540
is this really simple concept we call "the stool" because
00:02:45.540 --> 00:02:50.940
while we run hundreds of different projects to protect the company, getting buy-in
00:02:50.940 --> 00:02:54.460
at a higher-level for those from our executive staff
00:02:54.460 --> 00:03:00.060
and our board of directors that there's really five simple things we think about. There's, at the end
00:03:00.060 --> 00:03:04.410
of the day they were trying to protect data which is information so that's our end goal
00:03:04.410 --> 00:03:09.520
and at the bottom you have to have a set of processes and risk management practices to identify
00:03:09.520 --> 00:03:13.370
and prioritize the work you do. There's always an awful lot of work so which ones do
00:03:13.370 --> 00:03:18.590
you prioritize on top. And then the execution elements that really support that
00:03:18.590 --> 00:03:23.570
stool which is the information protection on top as we really simplified it down to
00:03:23.570 --> 00:03:25.370
1) you have to have a healthy device
00:03:25.370 --> 00:03:29.930
2) you have great identity management and 3) you have to have wonderful telemetry both for responding
00:03:29.930 --> 00:03:34.900
to threats but also to feed into your system to make this virtuous cycle that you're always improving
00:03:34.900 --> 00:03:39.420
the system so that the thing about that stool I think sometimes people forget
00:03:39.420 --> 00:03:43.470
is any one of those legs breaks and the whole thing topples over (great analogy),
00:03:43.470 --> 00:03:48.350
yeah. So Bret I want to thank you today for taking the time to talk to me
00:03:48.350 --> 00:03:53.140
about our approach to security at Microsoft. Everyone please remember to check out our
00:03:53.140 --> 00:03:57.730
website microsoft.com/itshowcase for more information about how we do
00:03:57.730 --> 00:04:09.510
security at Microsoft. Bret thank you and everybody thank you very much.
00:04:02.510 --> 00:04:05.510
Thanks Rob, appreciate you letting me come in here.